user/profile.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Public Profile -- a user's public profile page
  19  *
  20  * - each user can currently have their own page (cloned from system and then customised)
  21  * - users can add any blocks they want
  22  * - the administrators can define a default site public profile for users who have
  23  *   not created their own public profile
  24  *
  25  * This script implements the user's view of the public profile, and allows editing
  26  * of the public profile.
  27  *
  28  * @package    core_user
  29  * @copyright  2010 Remote-Learner.net
  30  * @author     Hubert Chathi <hubert@remote-learner.net>
  31  * @author     Olav Jordan <olav.jordan@remote-learner.net>
  32  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  33  */
  34
  35 require_once(__DIR__ . '/../config.php');
  36 require_once($CFG->dirroot . '/my/lib.php');
  37 require_once($CFG->dirroot . '/user/profile/lib.php');
  38 require_once($CFG->dirroot . '/user/lib.php');
  39 require_once($CFG->libdir.'/filelib.php');
  40
  41 $userid         = optional_param('id', 0, PARAM_INT);
  42 $edit           = optional_param('edit', null, PARAM_BOOL);    // Turn editing on and off.
  43 $reset          = optional_param('reset', null, PARAM_BOOL);
  44
  45 // Even if the user didn't supply a userid, we treat page URL as if they did; this is needed so navigation works correctly.
  46 $userid = $userid ?: $USER->id;
  47 $PAGE->set_url('/user/profile.php', ['id' => $userid]);
  48
  49 if (!empty($CFG->forceloginforprofiles)) {
  50     require_login();
  51     if (isguestuser()) {
  52         $PAGE->set_context(context_system::instance());
  53         echo $OUTPUT->header();
  54         echo $OUTPUT->confirm(get_string('guestcantaccessprofiles', 'error'),
  55                               get_login_url(),
  56                               $CFG->wwwroot);
  57         echo $OUTPUT->footer();
  58         die;
  59     }
  60 } else if (!empty($CFG->forcelogin)) {
  61     require_login();
  62 }
  63
  64 if ((!$user = $DB->get_record('user', array('id' => $userid))) || ($user->deleted)) {
  65     $PAGE->set_context(context_system::instance());
  66     echo $OUTPUT->header();
  67     if (!$user) {
  68         echo $OUTPUT->notification(get_string('invaliduser', 'error'));
  69     } else {
  70         echo $OUTPUT->notification(get_string('userdeleted'));
  71     }
  72     echo $OUTPUT->footer();
  73     die;
  74 }
  75
  76 $currentuser = ($user->id == $USER->id);
  77 $context = $usercontext = context_user::instance($userid, MUST_EXIST);
  78
  79 if (!user_can_view_profile($user, null, $context)) {
  80
  81     // Course managers can be browsed at site level. If not forceloginforprofiles, allow access (bug #4366).
  82     $struser = get_string('user');
  83     $PAGE->set_context(context_system::instance());
  84     $PAGE->set_title($struser);  // Do not leak the name.
  85     $PAGE->set_heading($struser);
  86     $PAGE->set_pagelayout('mypublic');
  87     $PAGE->add_body_class('limitedwidth');
  88     $PAGE->set_url('/user/profile.php', array('id' => $userid));
  89     $PAGE->navbar->add($struser);
  90     echo $OUTPUT->header();
  91     echo $OUTPUT->notification(get_string('usernotavailable', 'error'));
  92     echo $OUTPUT->footer();
  93     exit;
  94 }
  95
  96 // Get the profile page.  Should always return something unless the database is broken.
  97 if (!$currentpage = my_get_page($userid, MY_PAGE_PUBLIC)) {
  98     throw new \moodle_exception('mymoodlesetup');
  99 }
 100
 101 $PAGE->set_context($context);
 102 $PAGE->set_pagelayout('mypublic');
 103 $PAGE->add_body_class('limitedwidth');
 104 $PAGE->set_pagetype('user-profile');
 105
 106 // Set up block editing capabilities.
 107 if (isguestuser()) {     // Guests can never edit their profile.
 108     $USER->editing = $edit = 0;  // Just in case.
 109     $PAGE->set_blocks_editing_capability('moodle/my:configsyspages');  // unlikely :).
 110 } else {
 111     if ($currentuser) {
 112         $PAGE->set_blocks_editing_capability('moodle/user:manageownblocks');
 113     } else {
 114         $PAGE->set_blocks_editing_capability('moodle/user:manageblocks');
 115     }
 116 }
 117
 118 // Start setting up the page.
 119 $strpublicprofile = get_string('publicprofile');
 120
 121 $PAGE->blocks->add_region('content');
 122 $PAGE->set_subpage($currentpage->id);
 123 $PAGE->set_title(fullname($user).": $strpublicprofile");
 124 $PAGE->set_heading(fullname($user));
 125
 126 if (!$currentuser) {
 127     $PAGE->navigation->extend_for_user($user);
 128     if ($node = $PAGE->settingsnav->get('userviewingsettings'.$user->id)) {
 129         $node->forceopen = true;
 130     }
 131 } else if ($node = $PAGE->settingsnav->get('dashboard', navigation_node::TYPE_CONTAINER)) {
 132     $node->forceopen = true;
 133 }
 134 if ($node = $PAGE->settingsnav->get('root')) {
 135     $node->forceopen = false;
 136 }
 137
 138
 139 // Toggle the editing state and switches.
 140 if ($PAGE->user_allowed_editing()) {
 141     if ($reset !== null) {
 142         if (!is_null($userid)) {
 143             if (!$currentpage = my_reset_page($userid, MY_PAGE_PUBLIC, 'user-profile')) {
 144                 throw new \moodle_exception('reseterror', 'my');
 145             }
 146             redirect(new moodle_url('/user/profile.php', array('id' => $userid)));
 147         }
 148     } else if ($edit !== null) {             // Editing state was specified.
 149         $USER->editing = $edit;       // Change editing state.
 150     } else {                          // Editing state is in session.
 151         if ($currentpage->userid) {   // It's a page we can edit, so load from session.
 152             if (!empty($USER->editing)) {
 153                 $edit = 1;
 154             } else {
 155                 $edit = 0;
 156             }
 157         } else {
 158             // For the page to display properly with the user context header the page blocks need to
 159             // be copied over to the user context.
 160             if (!$currentpage = my_copy_page($userid, MY_PAGE_PUBLIC, 'user-profile')) {
 161                 throw new \moodle_exception('mymoodlesetup');
 162             }
 163             $PAGE->set_context($usercontext);
 164             $PAGE->set_subpage($currentpage->id);
 165             // It's a system page and they are not allowed to edit system pages.
 166             $USER->editing = $edit = 0;          // Disable editing completely, just to be safe.
 167         }
 168     }
 169
 170     // Add button for editing page.
 171     $params = array('edit' => !$edit, 'id' => $userid);
 172
 173     $resetbutton = '';
 174     $resetstring = get_string('resetpage', 'my');
 175     $reseturl = new moodle_url("$CFG->wwwroot/user/profile.php", array('edit' => 1, 'reset' => 1, 'id' => $userid));
 176
 177     if (!$currentpage->userid) {
 178         // Viewing a system page -- let the user customise it.
 179         $editstring = get_string('updatemymoodleon');
 180         $params['edit'] = 1;
 181     } else if (empty($edit)) {
 182         $editstring = get_string('updatemymoodleon');
 183         $resetbutton = $OUTPUT->single_button($reseturl, $resetstring);
 184     } else {
 185         $editstring = get_string('updatemymoodleoff');
 186         $resetbutton = $OUTPUT->single_button($reseturl, $resetstring);
 187     }
 188
 189     $url = new moodle_url("$CFG->wwwroot/user/profile.php", $params);
 190     $button = '';
 191     if (!$PAGE->theme->haseditswitch) {
 192         $button = $OUTPUT->single_button($url, $editstring);
 193     }
 194     $PAGE->set_button($resetbutton . $button);
 195
 196 } else {
 197     $USER->editing = $edit = 0;
 198 }
 199
 200 // Trigger a user profile viewed event.
 201 profile_view($user, $usercontext);
 202
 203 // TODO WORK OUT WHERE THE NAV BAR IS!
 204 echo $OUTPUT->header();
 205 echo '<div class="userprofile">';
 206
 207 $hiddenfields = [];
 208 if (!has_capability('moodle/user:viewhiddendetails', $usercontext)) {
 209     $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
 210 }
 211 if ($user->description && !isset($hiddenfields['description'])) {
 212     echo '<div class="description">';
 213     if (!empty($CFG->profilesforenrolledusersonly) && !$currentuser &&
 214         !$DB->record_exists('role_assignments', array('userid' => $user->id))) {
 215         echo get_string('profilenotshown', 'moodle');
 216     } else {
 217         $user->description = file_rewrite_pluginfile_urls($user->description, 'pluginfile.php', $usercontext->id, 'user',
 218                                                           'profile', null);
 219         echo format_text($user->description, $user->descriptionformat);
 220     }
 221     echo '</div>';
 222 }
 223
 224 echo $OUTPUT->heading(get_string('userprofile', 'core_user'), 2, 'sr-only');
 225 echo $OUTPUT->custom_block_region('content');
 226
 227 // Render custom blocks.
 228 $renderer = $PAGE->get_renderer('core_user', 'myprofile');
 229 $tree = core_user\output\myprofile\manager::build_tree($user, $currentuser);
 230 echo $renderer->render($tree);
 231
 232 echo '</div>';  // Userprofile class.
 233
 234 echo $OUTPUT->footer();